https://s3h.com/tags/risk/ Recent content in Risk on S3H.com Hugo en-us Wed, 25 Mar 2026 00:00:00 +0000 https://s3h.com/2026/03/25/the-vulnerability-management-backlog-every-organization-has-and-nobody-talks-about/ Wed, 25 Mar 2026 00:00:00 +0000 https://s3h.com/2026/03/25/the-vulnerability-management-backlog-every-organization-has-and-nobody-talks-about/ <p>Vulnerability management programs have a dirty secret that annual security assessments and compliance audits politely decline to examine: the remediation backlog. Organizations that have deployed vulnerability scanners — Tenable, Qualys, Rapid7 — know their vulnerability count precisely. Most of them have more open vulnerabilities than they will remediate in the coming year. Many have more open vulnerabilities than they will remediate in the next three years at their current remediation pace.</p>